Year: 2022

Microsoft is committed to partnering with and supporting women in security research. Whether it’s growing women early in their career, or connecting people with mentors, we want to be a part of the journey. Throughout Women’s History Month we intentionally sought opportunities to engage with women in security research. Whether at an intimate gathering of some of the most respected women in security research or engaging with women early in their career, it became obvious there just aren’t enough women in security research.

Opps, this post exists, but was actually published 4/5/2022. We’re navigating you to the correct page now. If that doesn’t work click the link below:
Randomizing the KUSER_SHARED_DATA Structure on Windows – Microsoft Security Response Center

The security landscape is dynamic, changing often and as a result, attack surfaces evolve. MSRC receives a wide variety of cases spanning different products, bug types and exploit primitives. One particularly interesting primitive we see is an arbitrary kernel pointer read. These often happen when kernel mode code does not validate that pointers read from attacker-controlled input actually point to the user-mode portion of the Virtual Address Space (VAS).

パソコンやタブレットを利用している際に、突然、“ウイルスに感染した” といった内容を示す画面とともに、

Microsoft released a security update to address CVE-2022-23278 in Microsoft Defender for Endpoint. This important class spoofing vulnerability impacts all platforms. We wish to thank Falcon Force for the collaboration on addressing this issue through coordinated vulnerability disclosure.
Cybercriminals are looking for any opening to tamper with security protections in order to blind, confuse, or often shut off customer defenses.

本ブログは、Guidance for CVE-2022-23278 spoofing in Microsoft Defender for Endpoint の抄訳版です。最新の情報は原文を参照してください。 マイク

2022 年 3 月 8 日（米国時間）、マイクロソフトは、マイクロソフト製品に影響する脆弱性を修正するために、セキ

On December 10, 2021, Microsoft mitigated a vulnerability in the Azure Automation service. Azure Automation accounts that used Managed Identitiestokens for authorization and an Azure Sandbox for job runtime and execution were exposed. Microsoft has not detected evidence of misuse of tokens.
Microsoft has notified customers with affected Automation accounts. Microsoft recommends following the security best practices herefor the Azure Automation service

本ブログは、Cyber threat activity in Ukraine: analysis and resources – Microsoft Security Response Center の抄訳版です。最新の情報は原文を参照してください。 2022 年

UPDATE 27 Apr 2022: See Updated malware details and Microsoft security product detections below as discussed in the Special Report: Ukraine.
UPDATE 02 MAR 2022: See Updated malware details and Microsoft security product detections below for additional insights and protections specific to the evolving threats we have identified impacting organizations with ties to Ukraine.